##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

p
Unknown -
r611:230e22969801
parent child
Show More
Show file before | Show file after | Hide comments
@@ -1,58 +1,66
1 1 #
2 2 # Setup Locales and keyboard settings
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup timezone
9 9 echo "${TIMEZONE}" > "${ETC_DIR}/timezone"
10 if [ -f "${ETC_DIR}/localtime" ]; then
11 # 1. If 11-apt.sh upgrades the package 'tzdata', '/etc/localtime' was created
12 # because 'dpkg-reconfigure -f noninteractive tzdata' was executed by apt-get.
13 # 2. If '/etc/localtime' exists, our execution of 'dpkg-reconfigure -f noninteractive tzdata'
14 # will ignore the our timezone set in '/etc/timezone'.
15 # 3. Removing /etc/localtime will solve this.
16 rm -f "${ETC_DIR}/localtime"
17 fi
10 18 chroot_exec dpkg-reconfigure -f noninteractive tzdata
11 19
12 20 # Install and setup default locale and keyboard configuration
13 21 if [ "$(echo "$APT_INCLUDES" | grep ",locales")" ] ; then
14 22 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
15 23 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
16 24 # ... so we have to set locales manually
17 25 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
18 26 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
19 27 else
20 28 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
21 29 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
22 30 sed -i "/en_US.UTF-8/s/^#//" "${ETC_DIR}/locale.gen"
23 31 fi
24 32
25 33 sed -i "/${DEFLOCAL}/s/^#//" "${ETC_DIR}/locale.gen"
26 34 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
27 35 chroot_exec locale-gen
28 36 chroot_exec update-locale LANG="${DEFLOCAL}"
29 37
30 38 # Install and setup default keyboard configuration
31 39 if [ "$XKB_MODEL" != "" ] ; then
32 40 sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" "${ETC_DIR}/default/keyboard"
33 41 fi
34 42 if [ "$XKB_LAYOUT" != "" ] ; then
35 43 sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" "${ETC_DIR}/default/keyboard"
36 44 fi
37 45 if [ "$XKB_VARIANT" != "" ] ; then
38 46 sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" "${ETC_DIR}/default/keyboard"
39 47 fi
40 48 if [ "$XKB_OPTIONS" != "" ] ; then
41 49 sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" "${ETC_DIR}/default/keyboard"
42 50 fi
43 51 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
44 52
45 53 # Install and setup font console
46 54 case "${DEFLOCAL}" in
47 55 *UTF-8)
48 56 sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' "${ETC_DIR}/default/console-setup"
49 57 ;;
50 58 *)
51 59 sed -i 's/^CHARMAP.*/CHARMAP="guess"/' "${ETC_DIR}/default/console-setup"
52 60 ;;
53 61 esac
54 62 chroot_exec dpkg-reconfigure -f noninteractive console-setup
55 63 else # (no locales were installed)
56 64 # Install POSIX default locale
57 65 install_readonly files/locales/locale "${ETC_DIR}/default/locale"
58 66 fi
Show file before | Show file after | Hide comments
@@ -1,116 +1,113
1 1 #
2 2 # Setup fstab and initramfs
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup fstab
9 9 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
10 10
11 11 # Add usb/sda disk root partition to fstab
12 12 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
13 13 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
14 14 fi
15 15
16 16 # Add encrypted root partition to fstab and crypttab
17 17 if [ "$ENABLE_CRYPTFS" = true ] ; then
18 18 # Replace fstab root partition with encrypted partition mapping
19 19 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
20 20
21 21 # Add encrypted partition to crypttab and fstab
22 22 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
23 23 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
24 24
25 25 if [ "$ENABLE_SPLITFS" = true ] ; then
26 26 # Add usb/sda1 disk to crypttab
27 27 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
28 28 fi
29 29 fi
30 30
31 31 if [ "$ENABLE_USBBOOT" = true ] ; then
32 32 sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
33 33 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
34 34
35 35 # Add usb/sda2 disk to crypttab
36 if [ "$ENABLE_CRYPTFS" = true ] ; then
36 37 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab"
37 38 fi
39 fi
38 40
39 41 # Generate initramfs file
40 42 if [ "$ENABLE_INITRAMFS" = true ] ; then
41 43 if [ "$ENABLE_CRYPTFS" = true ] ; then
42 44 # Include initramfs scripts to auto expand encrypted root partition
43 45 if [ "$EXPANDROOT" = true ] ; then
44 46 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
45 47 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
46 48 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
47 49 fi
48 50
49 51 if [ "$ENABLE_DHCP" = false ] ; then
50 52 # Get cdir from NET_ADDRESS e.g. 24
51 53 cdir=$(printf ${NET_ADDRESS} | cut -d '/' -f2)
52 54
53 55 # Convert cdir ro netmask e.g. 24 to 255.255.255.0
54 56 NET_MASK=$(cdr2mask "$cdir")
55 57
56 58 # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
57 59 sed -i "\$aIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
58
59 # Regenerate initramfs
60 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
61 60 fi
62 61
63 62 if [ "$CRYPTFS_DROPBEAR" = true ]; then
64 63 if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then
65 64 install_readonly "${CRYPTFS_DROPBEAR_PUBKEY}" "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
66 65 cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub >> "${ETC_DIR}"/dropbear-initramfs/authorized_keys
67 66 else
68 67 # Create key
69 68 chroot_exec /usr/bin/dropbearkey -t rsa -f /etc/dropbear-initramfs/id_rsa.dropbear
70 69
71 70 # Convert dropbear key to openssh key
72 71 chroot_exec /usr/lib/dropbear/dropbearconvert dropbear openssh /etc/dropbear-initramfs/id_rsa.dropbear /etc/dropbear-initramfs/id_rsa
73 72
74 73 # Get Public Key Part
75 74 chroot_exec /usr/bin/dropbearkey -y -f /etc/dropbear-initramfs/id_rsa.dropbear | chroot_exec tee /etc/dropbear-initramfs/id_rsa.pub
76 75
77 76 # Delete unwanted lines
78 77 sed -i '/Public/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
79 78 sed -i '/Fingerprint/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
80 79
81 80 # Trust the new key
82 81 cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub > "${ETC_DIR}"/dropbear-initramfs/authorized_keys
83 82
84 83 # Save Keys - convert with putty from rsa/openssh to puttkey
85 84 cp -f "${ETC_DIR}"/dropbear-initramfs/id_rsa "${BASEDIR}"/dropbear_initramfs_key.rsa
85 fi
86 86
87 87 # Get unlock script
88 88 install_exec files/initramfs/crypt_unlock.sh "${ETC_DIR}"/initramfs-tools/hooks/crypt_unlock.sh
89 89
90 90 # Enable Dropbear inside initramfs
91 91 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=y\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
92 92
93 93 # Enable Dropbear inside initramfs
94 94 sed -i "54 i sleep 5" "${R}"/usr/share/initramfs-tools/scripts/init-premount/dropbear
95 fi
96 95 else
97 96 # Disable SSHD inside initramfs
98 97 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
99 98 fi
100 99
101 100 # Add cryptsetup modules to initramfs
102 101 printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
103 102
104 103 # Dummy mapping required by mkinitramfs
105 104 echo "0 1 crypt $(echo "${CRYPTFS_CIPHER}" | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
106 105
107 # Generate initramfs with encrypted root partition support
108 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
109
110 106 # Remove dummy mapping
111 107 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
112 108 else
109
110 fi
113 111 # Generate initramfs without encrypted root partition support
114 112 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
115 113 fi
116 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant